[strongSwan] phase 2 failing - Juniper Netscreen ISG 2000
Martin Willi
martin at strongswan.org
Mon May 19 16:46:45 CEST 2014
Hi Roland,
> this is my first time configuring openswan with juniper, all my other
> configs were with cisco (which are currently working) something wrong
> with configuration which is preventing me from establishing the
> tunnel.
This is the user mailing list of the strongSwan project, which these
days is completely different from openswan. If you need help with
openswan related issues, you should ask on their mailing list.
If you are actually using strongSwan, I recommend to try using a newer
5.x release, which comes with a new unified implementation for IKEv1 and
IKEv2 (no pluto anymore).
> 117 "some_dst/0x2" #21: STATE_QUICK_I1: initiate
> 010 "some_dst/0x2" #21: STATE_QUICK_I1: retransmission; will wait 20s for response
> 010 "some_dst/0x1" #20: STATE_QUICK_I1: retransmission; will wait 20s for response
Obviously your Juniper box does not reply to the Quick Mode exchange.
Maybe you find some more information in the Juniper log?
Regards
Martin
More information about the Users
mailing list